Cyber Security Analyst
Current▪ Monitored and analyzed security events using SIEM tools (Splunk), utilizing SPL andAQL functions to optimize search queries and identify actionable alerts.▪ Conducted deep network packet inspections with Wireshark and TCPDump, analyzingoutputs across TCP/UDP, DNS, HTTP/HTTPS, SSH, and FTP protocols to detectanomalies.▪ Developed and fine-tuned SIEM correlation rules based on the MITRE ATT&CKFramework, applying Cyber Kill Chain principles to improve threat detection andresponse accuracy.▪ Led incident response processes for network intrusions and endpoint threats, performinglog examination and analysis to validate essential log types and prioritize escalations.▪ Designed and updated playbooks to streamline response actions, leveraging insightsfrom log analysis to enhance preventative measures.▪ Regularly reviewed and filtered logs for critical security events, collaborating effectivelyacross teams to ensure all incidents were tracked and resolved.▪ Collaborated effectively across teams, providing clear communication on threat findingsand engaging in regular compliance discussions to meet NIST and ISO 27001standards.